Date: Wed, 4 Dec 2002 21:36:26 -0800 (PST) From: Julian Elischer <julian@elischer.org> To: Don Bowman <don@sandvine.com> Cc: "'freebsd-net@freebsd.org'" <freebsd-net@freebsd.org> Subject: RE: SO_DONTROUTE, arp's, ipfw fwd, etc Message-ID: <Pine.BSF.4.21.0212042135001.31249-100000@InterJet.elischer.org> In-Reply-To: <FE045D4D9F7AED4CBFF1B3B813C8533701023103@mail.sandvine.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 4 Dec 2002, Don Bowman wrote: > > From: Julian Elischer [mailto:julian@elischer.org] > > On Wed, 4 Dec 2002, Don Bowman wrote: > ... > > > It gets the destination MAC address from the SRC AMC field of the > > preceding incoming packets with that IP src, dst and port > > combination.... i.e. the node would look within the IP header. > > > > > > > Wouldn't it be more efficient for me to > > > just create the ether-header when the SYN comes in, store it > > > in the PCB, and use that on each outgoing packet for that tcp > > > connection, add a sockopt (or use SO_DONTROUTE for this on the > > > listen socket)? > > > > yes and no... you would be breaking the layering in > > the standard code and you'd get crucified for it. > > > > start with the ng_bridge node and make it look within > > the IP header and use that information in it's hash tables instead of > > MAC addresses. It'll need some hosekeeping code too. > > (to flush old info, though you could reduce this by removing > > entries when you see the FIN packets go past.) > > Perhaps I can do this within ipfw? Its only ipfw that is bringing up > this situation, making me respond to things that normally wouldn't > be routed to me. Perhaps 'ipfw' is missing something when it does > a 'fwd' to localhost, another step to make this all work? 'divert' sockets are to allow you to do things in ipfw.. > > FIN are pretty rare :) Too often things just shut off. I'm nervous > about trying to cache the info outside the PCB since it has to > stay in sync (its not like the arp cache, there's no way to get > the info back if you drop it early). > RST is even more problematic since I have to decide if its in-window. doesn't really matter.. if you remove a cache entry, you'll just recreate it on teh next incoming packet. > > --don (don@sandvine.com www.sandvine.com) > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0212042135001.31249-100000>